An Expert's Guide: Secure Windows Server PowerShell Remoting

Windows system administrators have been slow to adopt PowerShell, a command-line management shell that’s been heavily pushed by Microsoft over the last few years. PowerShell has become such an important part of Microsoft’s management strategy, that all Windows Server features must now support full PowerShell manageability out-of-the-box, and in some cases, new features are only accessible via PowerShell.

This trend is also reflected in the demand for PowerShell as a skill, and while the GUI in Windows Server is not going away anytime soon, there is a new emphasis on PowerShell management, as can be seen in the headless install option in Windows Server 2016 (Nano), and the lack of full GUI install option when setting up Windows Server 2016; although the desktop GUI can be added at a later point, paradoxically using the command line.

PowerShell is fast becoming a must-have skill for Windows system administrators, but one of the concerns is that PowerShell, and particularly PowerShell Remoting, could lead to security issues if enabled, or not configured correctly. However, the reality is that PowerShell is the most secure way to manage Windows Server.

Access to PowerShell Remoting endpoints can be determined using Active Directory users and groups, and it’s not necessary to be an administrator to use PowerShell on a remote system. Furthermore, PowerShell constrained endpoints can be locked down to ensure that users can only run specified modules, cmdlets and functions.

In this webinar, join me to learn how PowerShell Remoting can be configured to provide a secure means of remote administration, how to control which users can access PowerShell remote endpoints, and additionally how to secure PowerShell Remoting outside of an Active Directory environment using SSL.

Author: Russell Smith, Windows and IT Security Expert